fix disallow_host_network_hostport policy

samples/best_practices/disallow_host_network_hostport.yaml

@@ -1,24 +1,33 @@
 apiVersion: kyverno.io/v1alpha1
 kind: ClusterPolicy
 metadata:
-  name: validate-host-network-hostport
+  name: host-network-port
   annotations:
     policies.kyverno.io/category: Security
     policies.kyverno.io/description: Using 'hostPort' and 'hostNetwork' allows pods to share 
       the host network stack, allowing potential snooping of network traffic from an application pod.
 spec:
   rules:
-  - name: validate-host-network-hostport
+  - name: validate-host-network
     match:
       resources:
         kinds:
         - Pod
     validate:
-      message: "Defining hostNetwork and hostPort are not allowed"
+      message: "Use of hostNetwork is not allowed"
+      pattern:
+        spec:
+          =(hostNetwork): false
+  - name: validate-host-port
+    match:
+      resources:
+        kinds:
+        - Pod
+    validate:
+      message: "Use of hostPort is not allowed"
       pattern:
         spec:
-          (hostNetwork): false
           containers:
           - name: "*"
-            ports:
+            =(ports):
             - hostPort: null

test/scenarios/samples/best_practices/scenario_validate_disallow_host_network_hostport.yaml

@@ -5,14 +5,16 @@ input:
 expected:
   validation:
     policyresponse:
-      policy: validate-host-network-hostport
+      policy: host-network-port
       resource:
         kind: Pod
         apiVersion: v1
         namespace: ''
         name: "nginx-host-network"
       rules:
-        - name: validate-host-network-hostport
+        - name: validate-host-network
+          type: Validation
+          success: true   
+        - name: validate-host-port
           type: Validation
-          message: "Validation error: Defining hostNetwork and hostPort are not allowed\nValidation rule 'validate-host-network-hostport' failed at path '/spec/containers/0/ports/0/hostPort/'."
           success: false